Intel

Developer Zone

AMTProvision

com.intel.util

Class AMTProvision

  • java.lang.Object
    • com.intel.util.AMTProvision


  • public class AMTProvision
    extends java.lang.Object

    This class provides an interface to accomplish Intel® AMT ACM provisioning. Full provisioning (ACM - Admin Control Mode) can be accomplished from CCM (Client Control Mode - partial provisioning) or from NONE (not provisioned mode). Un-provision (full un-provision) will move the Intel® AMT state to NONE (not provisioned mode).

    The Intel® AMT states are:

    • PRE - not provisioned
    • IN - in the middle of a provisioning process (CCM or ACM)
    • POST - after a provisioning process (CCM or ACM)

    NOTE: It is not allowed to move to ACM while the Intel® AMT state is IN, UtilException.UtilException() will be thrown in this case.

    Supported on big-core platforms only. Using on small-core platforms will throw NotSupportedException
    • Field Detail

      • PASSWORD_ENCRYPTION_TYPE_NONE

        This constant is exposed on small-core platforms only
        public static final int PASSWORD_ENCRYPTION_TYPE_NONE
        See Also:
        Constant Field Values
      • PASSWORD_ENCRYPTION_TYPE_OTHER

        This constant is exposed on small-core platforms only
        public static final int PASSWORD_ENCRYPTION_TYPE_OTHER
        See Also:
        Constant Field Values
      • PASSWORD_ENCRYPTION_TYPE_HTTP_DIGEST_MD5

        This constant is exposed on small-core platforms only
        public static final int PASSWORD_ENCRYPTION_TYPE_HTTP_DIGEST_MD5
        See Also:
        Constant Field Values
      • CONTROL_MODE_NONE

        public static final int CONTROL_MODE_NONE
        Intel® AMT provision control mode - not provisioned
        See Also:
        Constant Field Values
      • CONTROL_MODE_CLIENT

        public static final int CONTROL_MODE_CLIENT
        Intel® AMT provision control mode - client mode (CCM)
        See Also:
        Constant Field Values
      • CONTROL_MODE_ADMIN

        public static final int CONTROL_MODE_ADMIN
        Intel® AMT provision control mode - admin mode (ACM)
        See Also:
        Constant Field Values
      • PROVISIONING_STATE_PRE

        public static final int PROVISIONING_STATE_PRE
        Intel® AMT provisioning state - not provisioned
        See Also:
        Constant Field Values
      • PROVISIONING_STATE_IN

        public static final int PROVISIONING_STATE_IN
        Intel® AMT provisioning state - in the middle of a provisioning process (to CCM or to ACM)
        See Also:
        Constant Field Values
      • PROVISIONING_STATE_POST

        public static final int PROVISIONING_STATE_POST
        Intel® AMT provisioning state - after a provisioning process
        See Also:
        Constant Field Values
      • NETWORK_PASSWORD_LENGTH

        public static final int NETWORK_PASSWORD_LENGTH
        Intel® AMT password size
        See Also:
        Constant Field Values
      • PROVISIONING_AUDIT_RECORD_LENGTH

        public static final int PROVISIONING_AUDIT_RECORD_LENGTH
        Max Intel® AMT provision audit record length
        See Also:
        Constant Field Values
      • UNPROVISIONING_AUDIT_RECORD_LENGTH

        This constant is supported on big-core platforms only
        public static final int UNPROVISIONING_AUDIT_RECORD_LENGTH
        Intel® AMT max un-provision audit record length
        See Also:
        Constant Field Values
      • MAX_SECURE_FQDN_LENGTH

        This constant is supported on big-core platforms only
        public static final int MAX_SECURE_FQDN_LENGTH
        Intel® AMT max secure FQDN length
        See Also:
        Constant Field Values
      • MAX_CONFIGURATION_SERVER_FQDN

        This constant is supported on big-core platforms only
        public static final int MAX_CONFIGURATION_SERVER_FQDN
        Intel® AMT max secure server domain FQDN length
        See Also:
        Constant Field Values
    • Method Detail

      • completeConfigurationToACM

        public static void completeConfigurationToACM(int networkAdminPasswordEncryptionType,
                                      byte[] networkAdminPassword,
                                      byte[] provisioningAuditRecord)
                                               throws UtilException,
                                                      IllegalParameterException
        Provision the Intel® AMT on the platform to ACM mode. Moving from CCM to ACM is allowed only if the password matches the password supplied when CCM provision was performed.
        Parameters:
        networkAdminPasswordEncryptionType - password encryption type NOTE: this parameter value is enforced to be only DIGEST MD5 (i.e. param value = 2)
        networkAdminPassword - Network password. password length is NETWORK_PASSWORD_LENGTH The password should be configured as the following: MD5("admin:<realm>:<password>") NOTE: AMTProvisioning user name is "admin". using other user name will success but authentication to WebUi will fail.
        provisioningAuditRecord - Provisioning audit record. record length is PROVISIONING_AUDIT_RECORD_LENGTH NOTE: this parameter can't be null.
        Throws:
        IllegalParameterException - if one or more of the input parameters is illegal
        UtilException - if any internal error occurred
        NotSupportedException - if AMT is not supported
      • completeConfigurationToACM

        Supported only on big-core platforms
        public static void completeConfigurationToACM(int networkAdminPasswordEncryptionType,
                                      byte[] networkAdminPassword,
                                      byte[] appletProvisioningAuditRecord,
                                      byte[] params)
                                               throws UtilException
        Provision the Intel® AMT on the platform to ACM mode.
        Parameters:
        networkAdminPasswordEncryptionType - password encryption type AMTProvision()
        networkAdminPassword - Network password length#AMTProvision.NETWORK_PASSWORD_LENGTH
        appletProvisioningAuditRecord - Provisioning audit record length #AMTprovision.PROVISIONING_AUDIT_RECORD_LENGTH
        params - an opaque context for future extensibility, currently not used
        Throws:
        IllegalParameterException - for illegal params
        UtilException - if any internal error occurred
        NotSupportedException - if AMT is not supported
      • unprovision

        Exist only on small-core platforms
        public static void unprovision()
                                throws UtilException
        Un-provisioning the Intel® AMT on the platform.
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if AMT is not supported on this platform
      • unprovision

        Supported only on big-core platforms
        public static void unprovision(byte[] unprovisioningAuditRecord)
                                throws UtilException
        Complete un-provisioning of the AMT on the platform.
        Parameters:
        unprovisioningAuditRecord - the audit data associated with this un-provision operation
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if AMT is not supported
      • unprovision

        Supported only on big-core platforms
        public static void unprovision(byte[] unprovisioningAuditRecord,
                       byte[] params)
                                throws UtilException
        Complete un-provisioning of the Intel® AMT on the platform.
        Parameters:
        unprovisioningAuditRecord - the audit data associated with this unprovision operation
        params - an opaque context for future extensibility, currently not used
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if AMT is not supported
      • getProvisioningProtocolVersion

        public static AMTProvision.ProtocolVersion getProvisioningProtocolVersion()
                                                                           throws UtilException
        Returns the current Intel® DAL assisted Intel® AMT provisioning protocol version
        Returns:
        The current AMT protocol version
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if Intel® AMT is not supported on this platform
      • getControlMode

        public static int getControlMode()
                                  throws UtilException
        Retrieve the Intel® Intel® AMT provisioning control mode
        Returns:
        Intel® AMT Control mode (one of the CONTROL_MODE_* constants)
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if AMT is not supported on this platform
      • getProvisioningState

        public static int getProvisioningState()
                                        throws UtilException
        Retrieve the Intel® AMT provisioning state
        Returns:
        AMT provisioning state (one of the PROVISIONING_STATE_* constants)
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if AMT is not supported on this platform
      • getProvisioningAuditRecord

        public static byte[] getProvisioningAuditRecord()
                                                 throws UtilException
        Retrieve the AMT legacy provisioning (setup) audit record. The last record in the AMT provisioning (setup) log is retrieved.
        Returns:
        Intel® AMT provisioning audit record buffer
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if AMT is not supported on this platform
      • getAppletProvisioningAuditRecord

        Supported only on big-core platforms
        public static byte[] getAppletProvisioningAuditRecord()
                                                       throws UtilException
        Retrieve the applet AMT provisioning (setup) audit record. The record which is provided in AMTProvision.completeConfigurationToACM()
        Returns:
        applet Intel® AMT provisioning audit record buffer
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if AMT is not supported
      • getSecureFqdn

        Supported only on big-core platforms
        public static int getSecureFqdn(byte[] fqdn)
                                 throws UtilException
        Returns the current secure FQDN that has been provisioned to Intel® AMT (the provisioning server FQDN).
        Parameters:
        Empty - fqdn byte array (allocated by user @link #AMTProvision.MAX_SECURE_FQDN_LENGTH)
        Returns:
        The actual size of the fqdn
        Throws:
        IllegalParameterException - for illegal params
        UtilException - if any internal error occurred
        NotSupportedException - if AMT is not supported
      • getSecureServerDomainFqdn

        Supported only on big-core platforms
        public static int getSecureServerDomainFqdn(byte[] domain)
                                             throws UtilException
        Returns the current secure domain server FQDN that has been provisioned to AMT (the provisioning server FQDN).
        Parameters:
        Empty - domain server fqdn byte array (allocated by user @link #AMTProvision.MAX_CONFIGURATION_SERVER_FQDN)
        Returns:
        The actual size of the domain server fqdn
        Throws:
        IllegalParameterException - for illegal params
        UtilException - if any internal error occurred
      • getUniquePlatformId

        Exists only on small-core platforms
        public static byte[] getUniquePlatformId()
                                          throws UtilException
        Get the unique platform ID
        Returns:
        Unique platform Id buffer
        Throws:
        UtilException